[ISN] Flaw Lets Hackers Control Electronic Highway Billboards

http://www.nextgov.com/cybersecurity/2014/06/flaw-lets-hackers-control-electronic-highway-billboards/85849/ By Aliya Sternstein Nextgov.com June 5, 2014 The Homeland Security Department is cautioning transportation operators about a security hole in some electronic freeway billboards that could let hackers display bogus warnings to drivers. “The vulnerability is a hard-coded password that could allow unauthorized access to the highway sign,” DHS officials said in an alert on Wednesday. Hard-coded passwords, sometimes called back doors, are default logins that software developers code into their programs. The vulnerability was identified in Daktronics Vanguard highway notification sign configuration software, officials said. A “proof of concept” method to exploit the flaw has been made available, DHS officials warned. The Federal Highway Administration informed DHS of a public report of the vulnerability, Homeland Security officials said. Officials have notified the vendor to confirm the issue and figure out a fix. In the meantime, they are recommending users “review sign messaging,” update passwords and secure communication paths to the signs. […]